Search
Keyword: troj_crypctb
It may be dropped by TROJ_DROPPER.ZBB. It injects itself into specific processes as part of its memory residency routine. It connects to the following possibly malicious URL This Trojan may be
This Trojan arrives as attachment to mass-mailed email messages. It executes the downloaded files. As a result, malicious routines of the downloaded files are exhibited on the affected system.
This trojan uses social engineering methods to lure users into performing certain actions that may, directly or indirectly, cause malicious routines to be performed. Specifically, it makes use of
This Trojan arrives as an attachment to email messages spammed by other malware/grayware or malicious users. Arrival Details This Trojan arrives as an attachment to email messages spammed by other
This Trojan takes advantage of the RTF Stack Buffer Overflow Vulnerability in order to drop malicious files into an affected system. Once it exploits the said vulnerability, it drops a file, which is
This Trojan may be dropped by other malware. It may be unknowingly downloaded by a user while visiting malicious websites. It executes the downloaded files. As a result, malicious routines of the
This Trojan uses social engineering methods to lure users into performing certain actions that may, directly or indirectly, cause malicious routines to be performed. Specifically, it makes use of
This Trojan may be dropped by other malware. It may be dropped by other malware. Arrival Details This Trojan may be dropped by other malware. It may be dropped by the following malware:
It takes advantage of the vulnerabilities in Microsoft Office that could allow remote code execution (MS10-087). Once it successfully exploits the said vulnerability, it drops a file detected as
Installation This Trojan adds the following folders: %Program Files%\I-Tori %Program Files%\I-Tori\net-warez %Program Files%\I-Tori\net-warez\update (Note: %Program Files% is the default Program
This Trojan uses social engineering methods to lure users into performing certain actions that may, directly or indirectly, cause malicious routines to be performed. Specifically, it makes use of the
The reply from the said website contains a URL where a file can be downloaded: http://{BLOCKED}.{BLOCKED}.48.46/upfire.exe It then parses the reply to get the URL and downloads the file from the said
This Trojan may be dropped by other malware. Arrival Details This Trojan may be dropped by the following malware: TROJ_BREDOLAB TROJ_SASFIS TROJ_OFICLA Installation This Trojan drops the following
This Trojan may be dropped by other malware. Arrival Details This Trojan may be dropped by the following malware: TROJ_MDROPPR.AH Installation This Trojan drops and executes the following files:
This Trojan uses common file icons to trick a user into thinking that the files are legitimate. It executes the downloaded files. As a result, malicious routines of the downloaded files are exhibited
This Trojan is noteworthy as it may arrive via blackhat search engine optimization (SEO) poisoned results. More specifically, users may inadvertently download this rogue antivirus program when using
Arrival Details This Trojan may be downloaded from the following remote sites: http://{BLOCKED}t.com/sw/mssaezv/etsg.jar Other Details Based on analysis of the codes, it has the following
It drops a copy of itself detected as TROJ_FRAUDPAC.ZB. This Trojan may be downloaded by other malware/grayware/spyware from remote sites. It may be unknowingly downloaded by a user while visiting
This Trojan executes the dropped file(s). As a result, malicious routines of the dropped files are exhibited on the affected system. Installation This Trojan drops the following files: %User Temp%
It saves the downloaded file, which is detected as TROJ_FAKEAV.GXX in a specific folder. This Trojan may be dropped by other malware. It may be unknowingly downloaded by a user while visiting